Overview

A payment gateway is an essential part of your online strategy. Popular shopping carts are compatible with a great variety of payment systems widely known as payment gateways. But how can you choose the one that's right for you? You do not have the luxury of rectifying a wrong decision. Apart from the cost of the service, you stand to lose out much more: customers, orders, fraud-related losses, integration time, time to market, etc.

At the stage of getting your online store live, you will likely face the problem of accepting credit card payments from your customers. It's the most common and convenient payment method available over the Internet. To be able to accept credit card payments at your X-Cart based online store, you will need to subscribe to the service of a payment gateway, which will process credit cards for you. Payment gateway service is available from such companies as Authorize.NET, PayPal, WorldPay, 2CheckOut and some others.

There are several significant benefits when using the payment gateway service:

Most payment gateways have a sophisticated fraud protection mechanism which helps to avoid most chargebacks from customers whose credit card might have been stolen by hackers.

The process is fully automated, so you can save a vast amount of time if you have many orders.

Some payment gateways like 2CheckOut allow you to accept credit cards even if you do not have an Internet merchant account (it may be difficult to obtain a merchant account if you have just started the business and haven't got a positive credit history yet).

Choice criteria

Things to ask first

Some important initial questions you should ask of any potential vendor of billing software include:

How long has the company been in business?

What is the history of the company?

How long has the particular features package you're interested in been on the market?

How many and what types of Web services use their software?

Are client references available for you to call?

Is a demo version of the software available?

What is the availability and accessibility of system setup, training and support, as well as the approximate cost of these essential items?

Does the company have the capability to import data from your previous billing system if necessary, what is the cost for this service, and have they been successful with this?

What are the hardware and networking requirements recommended by the software vendor for optimum efficiency?

What is the cost of their 'basic' system and what is 'included'? What additional products are available at an extra charge to enhance the basic software package?

Merchant account

First, you should draw a line between payment gateways which require a merchant account and those which don't.

Payment gateways requiring a merchant account usually offer attractive commission rates, for example 1.8% of each transaction, a fixed $0.20 from each transaction, and a series of monthly charges grouped under several headings, usually amounting to less than $100. This means that your company keeps a greater share of gross sales.

On the other hand, payment gateways requiring a merchant account have several disadvantages:

They seldom engage in fraud prevention and rather leave it in the hands of the seller to decide which transactions are safe to accept and which should be rejected. If the company suffers a high rate of fraud, the gateway provider may terminate the service.

Moreover, signing up for a merchant account can take around one month, and these are usually only granted to incorporated companies with an existing financial background.

Lastly, it can be hard to get authorization for transactions with certain credit cards such as American Express and Diners Club.

In the case of payment gateways not requiring a merchant account, the main advantages are:

You will be ready to sell immediately.

Fraud prevention tools are provided free of charge.

There are usually no fixed charges (only a commission over transactions).

Of course the disadvantage is a less attractive commission rate, usually between 5.5% and 12%, with a $0.80 fixed rate per transaction. It is also worth noting that the name on the customer's credit card statement will be the name of the payment company, not yours.

Integration, customization and branding

From the technological point of view, you should consider the type of integration and security measures offered by each gateway. One of the most important criteria is that your customers receive a consistent and smooth transaction experience through this process. Many 3rd party payment gateways forget this fact.

The option best suited to quick implementation is web form integration with the payment gateway: integration simply consists of a web form to send payment information. In a typical transaction, therefore, your customer is shunted from your website to the payment gateway website. The look and feel of the two websites are different, resulting in an inconsistent experience. This is proven to reduce the trust factor for a customer. Some payment gateways allow you to add a header banner or logo. This, however, is not enough to provide a consistent experience. Some of the best payment services allow complete customization of the payment pages. You can change the text color, size, font, background colors, header, header background etc., all through an easy-to-use web based interface. In selecting a payment gateway, ensure that you obtain an interface that allows you to completely customise the payment pages.

If you want a secure and uniform integration, you should choose a gateway with the most complex integration method. However, first check with your hosting provider whether you comply with all requirements (SSL certificate, permission to install components, permission to open ports in the firewall, etc.).

Fraud detection and risk mitigation

Indeed, business loss from online fraud can be daunting. So merchants have realised the importance of taking necessary measures to minimise losses occurring due to online fraud. It is important that the payment gateway you choose supports basic fraud detection and risk mitigation measures. Note that fraud detection does not simply end with AVS, or CVV2. Most payment gateways will offer you CVV (Verified by Visa) checking. While it is an additional measure, it does not successfully detect fraudulent patterns. Ideally choose a payment gateway which offers you fraud detection tools apart from just AVS and CVV2.

Transaction features

Credit card transactions have a versatile set of features. There are various modes of transaction that can be performed: auth-capture, sale mode, reversal, partial captures, partial reversals, etc. It is important that the payment gateway supports all the transaction modes. Various business occasions require different combinations of these transaction modes.

For instance, if a customer places an order, you would authorise the transaction. If you do not have all the items he requested, you would initiate a partial capture at the time of delivery. If the customer received the items but one of them was damaged, he would return it to you, and in this case you would initiate a partial refund.
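The order flow above, as an added example (not code from X-Cart or any gateway): a small ledger that refuses captures beyond the authorised amount and refunds beyond the captured amount. The class name and amounts are constructed, and "reversal" is modelled as releasing uncaptured authorised funds, which is an assumption since gateways differ in terminology.

```python
class PaymentLedger:
    """Tracks one card authorisation through capture, reversal and refund.

    Amounts are integer cents so that rounding can never open a gap
    between what was authorised and what is captured or refunded.
    """

    def __init__(self, authorised: int):
        if not isinstance(authorised, int) or authorised <= 0:
            raise ValueError("authorisation must be a positive number of cents")
        self.authorised = authorised
        self.captured = 0
        self.reversed = 0
        self.refunded = 0

    @property
    def open_amount(self) -> int:
        """Authorised funds that are neither captured nor released yet."""
        return self.authorised - self.captured - self.reversed

    def capture(self, amount: int) -> None:
        """Partial or full capture: never more than is still authorised."""
        self._check(amount, self.open_amount, "capture")
        self.captured += amount

    def reverse(self, amount: int) -> None:
        """Partial or full reversal: release uncaptured funds (assumed meaning)."""
        self._check(amount, self.open_amount, "reversal")
        self.reversed += amount

    def refund(self, amount: int) -> None:
        """Partial or full refund: never more than was captured in total."""
        self._check(amount, self.captured - self.refunded, "refund")
        self.refunded += amount

    @staticmethod
    def _check(amount: int, limit: int, what: str) -> None:
        if not isinstance(amount, int) or amount <= 0 or amount > limit:
            raise ValueError(f"invalid {what} amount {amount} (limit {limit})")


def order_scenario() -> PaymentLedger:
    """Constructed order: three items at 30.00, two delivered, one returned."""
    ledger = PaymentLedger(authorised=9000)  # authorise the whole order
    ledger.capture(6000)   # partial capture: only two items were in stock
    ledger.reverse(3000)   # release the hold for the item that was not shipped
    ledger.refund(3000)    # partial refund: one delivered item came back damaged
    return ledger
```
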

Security

Financial transactions require profound security measures. And it's not only the Verisign 128 bit Digital Certificate which most payment gateways have. Security is a ground-up activity which needs to be effectively planned. There are several facets to take care of, including the physical and datacenter security (where the payment gateway servers are hosted), OS and application security, firewall and intrusion detection systems at the OS and application layer, database security, and finally transaction security. Each of these requires initial establishment and continuous monitoring. Verify that the payment gateway you select controls all the facets of security on an ongoing basis.

Easy integration

Time-to-market is the mantra for online businesses. Every online customer lost to a competitor represents higher customer acquisition costs. Additionally, most merchants today outsource their website development. It is crucial therefore that the payment gateway offers you an easy integration process. This is another area where few payment gateways offer ready-made integration kits for all possible platforms. Quite a few payment gateways implement only complex socket-based APIs, requiring you to write clients in specific languages to talk proprietary protocols. Another common problem is that some payment gateways have integration kits which require a DLL or a component to be installed on your server. This becomes an issue if you are hosted in a virtual hosting environment. Your server provider may not be willing to install any component on their servers. Make sure to check the feasibility of the integration process in detail before you make up your mind about the payment gateway choice.

Comprehensive merchant interface

One more aspect to check from the beginning is the functionality provided by the merchant interface: the types of reports available, the interfaces available for searching transactions, processing captures and refunds, requesting withdrawals, etc. In fact, you should request a demo of the merchant interface before you make your payment gateway decision to ensure that it supports all the features you expected.

Hidden costs

Many payment gateways may have hidden costs associated with them that may not be disclosed in the beginning. This may not allow you to compare them with enough depth. Some of the hidden costs with any payment gateway service are as follows:

Chargeback fees

Chargeback Forex losses: this particular item is important. Most banks or payment gateways will charge you Forex losses on chargebacks. Sometimes this can translate to a substantial amount. Some service providers, however, will bear the chargeback losses themselves.

Reversal fees

Termination fees

Hidden setup charges

Non-Sufficient Funds fees

Annual fees

Statement fees (more for more services)

Customer support fees

Withdrawal charges

Most of these costs will not be mentioned on their websites. It is important that you understand all the costs mentioned above and ask the provider directly for all data related to these costs. Most providers will charge you these fees without disclosing them to you.

Time to withdrawal

Find out how soon you can get access to your money. Some payment gateways may proclaim a no-reserve policy, but take a month to remit your funds. That means your funds remain blocked for a period of one month with the provider. While most payment gateways may maintain reserves for risk mitigation, it is essential to estimate within how much time you will have access to your funds.

Technical support

Ensure that your payment gateway provider has a well-staffed and trained support team. Under ideal circumstances the payment gateway provider should have a 24x7x365 support desk. It'll enable you to respond quickly to your international customers who may have queries with regard to their online transaction.

Multicurrency

With a global audience, multi-currency support becomes essential for those who have customers outside the USA and Europe. Though it is not an extremely essential feature, it is helpful to be able to charge your customers in local currencies, or at least in US Dollars.

Reserve funds

Most payment gateways will reserve a certain portion of your funds to mitigate risk due to chargebacks. What is important is to find out the reserve amounts and how they are calculated, as well as the time period for which the reserve is maintained. Also ensure that you tie up with a payment gateway that maintains a rolling reserve as opposed to a fixed reserve, so that funds begin rolling into your account, albeit a little late.

E-Goods selling

Another factor to bear in mind is that some payment gateways are not available for the sale of intangibles such as software and services, while others are.

Call back response

Lastly, we should mention the call back response or silent response feature. What is this, and how can it help selling with the shopping cart?

Call back response is a silent and secure signal sent by the payment gateway to the shopping cart to notify it of the result of a transaction. This is extremely useful to update the order status from pending to paid and trigger other processes related to the approval of a payment, such as:

Decreasing the stock of the products purchased

Delivering digital goods

Increasing sales figures

Notifying affiliates and suppliers
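A cart-side handler for the call back response described above, as an added example (not X-Cart's or any gateway's own code). It assumes the gateway signs the raw callback body with HMAC-SHA256 under a shared secret; the field names, secret, order and stock data are constructed for illustration.

```python
import hashlib
import hmac
import json

SHARED_SECRET = b"constructed-demo-secret"  # assumption: agreed with the gateway out of band
# Constructed in-memory stand-ins for the cart's order and stock tables.
ORDERS = {"1001": {"status": "pending", "amount": "49.90", "currency": "USD",
                   "items": {"sku-1": 2}}}
STOCK = {"sku-1": 10}
SEEN_TXN_IDS = set()


def sign(body: bytes, secret: bytes = SHARED_SECRET) -> str:
    """HMAC-SHA256 tag the hypothetical gateway sends alongside each callback body."""
    return hmac.new(secret, body, hashlib.sha256).hexdigest()


def handle_callback(body: bytes, signature: str) -> str:
    """Validate a callback and, if genuine, move the order from pending to paid."""
    # 1. Authenticity: constant-time comparison against our own HMAC of the raw body.
    if not hmac.compare_digest(sign(body).encode(), signature.encode()):
        return "rejected: bad signature"
    try:
        msg = json.loads(body)
    except ValueError:
        return "rejected: malformed body"
    if not isinstance(msg, dict) or not isinstance(msg.get("txn_id"), str):
        return "rejected: malformed body"
    order = ORDERS.get(str(msg.get("order_id")))
    if order is None:
        return "rejected: unknown order"
    # 2. Replay protection: a transaction id or a settled order is never processed twice.
    if msg["txn_id"] in SEEN_TXN_IDS or order["status"] != "pending":
        return "ignored: already processed"
    # 3. Amount and currency must match what the cart recorded for this order.
    if (msg.get("amount"), msg.get("currency")) != (order["amount"], order["currency"]):
        return "rejected: amount mismatch"
    SEEN_TXN_IDS.add(msg["txn_id"])
    if msg.get("result") != "approved":
        order["status"] = "declined"
        return "declined"
    order["status"] = "paid"
    for sku, qty in order["items"].items():  # decrease the stock of the products purchased
        STOCK[sku] -= qty
    return "paid"
```

Stock is decremented only once per order because a repeated or replayed callback is ignored before any side effect runs; digital delivery and affiliate notification would hang off the same "paid" branch.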

Alternatives to online systems

X-Cart supports payments through non-credit card means, for example PayPal. This company acts as an intermediary between users and transfers funds from one user to another by discounting the amount of the transaction from the payer's account. This system can be useful in certain cases, although the verification procedure is quite complicated.

Conclusion

If your store is just starting out, you will want to keep fixed costs low. You should choose a gateway which offers its own SSL certificate free of charge, which doesn't require installing components on your server, and which doesn't charge excessive penalties for chargebacks.

If your store is already established, with a clear projection of sales levels, you will want to choose a gateway which allows you to use your own merchant account, your own SSL certificate, and offers all the security measures and uniformity of advanced integration methods.